micheee/ldap auth.php

## ldap auth.php
<?php
/*
 * Author: <xxxx>@uni-konstanz.de
 * Version: 20080915
 */
  class LDAP {
    var $authed = false;
    /**
	 * Auth a username and a password against the ldap service
	 * @param object $username [optional]
	 * @param object $password [optional]
	 * @return boolean "authed"
	 */
  function __construct($username=false, $password=false)
  {

    if(!$username || !$password)
      {$this->authed = false;
      return;}
  	$user = $username; $pass=$password;
    // set URL of OpenLDAP based directory service of RZ
    $ldapsrv = "ldaps://ldap-******1.uni-****.de";

    // get directory context from directory service
    $ds = ldap_connect($ldapsrv);

    // test if connection to directory service can be established
    if ($ds)
    {
      ldap_set_option(NULL, LDAP_OPT_DEBUG_LEVEL, 1);
      // set required LDAP protocol version
      ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
      // set username in email-alias format and password
      $username = $user;
      $password = $pass;
      // set container where all user data is stored
      $dn = "ou=people,o=universitaet konstanz,c=de";

      // set rdn to bind to
      $rdn = "cn=$username,$dn";

      // start authentication by performing a simple bind operation to directory
      // service, if bind operation returns a result, user is considered as
      // authenticated
      $r = ldap_bind($ds,$rdn,"$password");

      // test if authentication succeeds
      if ($r)
      {
        $filter = "(eduPersonAffiliation=member)";

        $sr = ldap_search($ds, $dn, $filter);
        ldap_close($ds);
        // test if authorization succeeds
        if ($sr)
        {
          $this->authed = true;
          return;
        }
        else
        {
          $this->authed = false;
          return;
        }

        // end of authorization section
      }
      else
      {
          return false;
      }

      // close connection to directory service
    }
    else
    {
      // connection to directory service failed
     echo "Connection to directory service $ldapsrv failed";
    }
    $this->authed = false;
    return;
    }
    function authed(){
      return $this->authed;
    }
}

?>
	<?php
	/*
	* Author: <xxxx>@uni-konstanz.de
	* Version: 20080915
	*/
	class LDAP {
	var $authed = false;
	/**
	* Auth a username and a password against the ldap service
	* @param object $username [optional]
	* @param object $password [optional]
	* @return boolean "authed"
	*/
	function __construct($username=false, $password=false)
	{

	if(!$username \|\| !$password)
	{$this->authed = false;
	return;}
	$user = $username; $pass=$password;
	// set URL of OpenLDAP based directory service of RZ
	$ldapsrv = "ldaps://ldap-****1.uni-**.de";

	// get directory context from directory service
	$ds = ldap_connect($ldapsrv);

	// test if connection to directory service can be established
	if ($ds)
	{
	ldap_set_option(NULL, LDAP_OPT_DEBUG_LEVEL, 1);
	// set required LDAP protocol version
	ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
	// set username in email-alias format and password
	$username = $user;
	$password = $pass;
	// set container where all user data is stored
	$dn = "ou=people,o=universitaet konstanz,c=de";

	// set rdn to bind to
	$rdn = "cn=$username,$dn";

	// start authentication by performing a simple bind operation to directory
	// service, if bind operation returns a result, user is considered as
	// authenticated
	$r = ldap_bind($ds,$rdn,"$password");

	// test if authentication succeeds
	if ($r)
	{
	$filter = "(eduPersonAffiliation=member)";

	$sr = ldap_search($ds, $dn, $filter);
	ldap_close($ds);
	// test if authorization succeeds
	if ($sr)
	{
	$this->authed = true;
	return;
	}
	else
	{
	$this->authed = false;
	return;
	}

	// end of authorization section
	}
	else
	{
	return false;
	}

	// close connection to directory service
	}
	else
	{
	// connection to directory service failed
	echo "Connection to directory service $ldapsrv failed";
	}
	$this->authed = false;
	return;
	}
	function authed(){
	return $this->authed;
	}
	}

	?>